Virus on your PC

Recently one of my customers’ sites was spiking in traffic and blowing the bandwidth. The first day I increased the bandwidth. But it blew it the next day. Seemed a bit fishy to me. I thought I would investigate the matter, and when I logged into the FTP program I saw a folder called blog that was installed a few months ago. It had about 10000 files! All spammy pages selling Viagra or Canadian pharmacy products.

While having a chat with my hosting support, one of the things I was told could happen was this: if you had malware or a virus on your local hard drive and you uploaded a file through FTP, the malware could install a billion files on your remote server. WOW! This was news to me. Yuk. It took me an hour to delete the files from the server.

I have started scanning my PC every night for malware now. I use Pareto Logic’s virus & malware checker. It seems to do the job well.

So if you have a website and you upload files please keep your PC scanned and cleaned regularly to avoid any nasty viruses.

On that note I read a funny bit today. The tech review site Gizmodo got caught themselves. (funny) They were advertising spammy antivirus on their site. This software comes in disguise and actually installs real viruses on your hard drive.

Phishing

I don’t know if it is me or the general trend, but I seem to get loads of spam in my inbox and in my spam box. It looks like it has increased almost tenfold maybe. Very annoying as it eats into my time – cleaning my inbox.

But lately the news about Hotmail users’ emails being hacked and Gmail users getting hacked by a phishing scam is a bit more scary. If those big corporations cannot keep the hackers at bay what are ordinary people like me going to do?

What is phishing?

Phishing is a broad term for any effort to gain personal data, directly from the user – login details, passwords, bank account details, etc. – by tricking them into entering it into a website or email.

How does it work?

Most often, a phishing attempt will direct a user to a “spoof” website, designed to look like a user’s legitimate banking site, payment service, or social network site.

An old standby for malware in general being brought into the phishing tackle box is pop-up advertising that offers updated system performance or anti-virus software. Instead, users may be installing a key-logger that reports back with any passwords or details entered thereafter. This is exactly what you are trying to avoid.

How do I avoid being phished?

Some simple steps to take:

  • First and foremost, having up-to-date anti-virus and anti-spyware programs is the best first line of defence. I use the Pareto Logic anti-virus software suite, which seems to work well.
  • Also, always remember that your bank and most reputable third-party payment services will never ask you for your password. They would already have it.
  • They will also always address you by your name and not “Dear customer” etc.
  • It is easy to create a spoof site but not easy to mask the actual place where it sits in cyberspace. All you have to do is hover over the URL in the browser and watch the bottom left to see where it is.
  • Never click on an attachment from an unknown source. This is an easy place to hide viruses and malware.

Another site of mine got hacked

This time one of my sites that makes me money got hacked. It is a pretty large site with hundreds of products. Gets only natural traffic. Yesterday I went to check on the site and found my index file had been defaced. These are the steps I took:

  • I logged in to my FTP program (Filezilla) and blew the site
  • Went to my backup folder on my computer and uploaded all the files.
  • I got it back to where it was 98%. (Some links are broken)
  • It is up and running again. It took me 20 minutes to do this.

What I did not do was to check if only my index file was defaced or an iframe was injected. I learnt about iframes only this morning. It is something very nasty.
“After they put the iframe code into that person’s pages, anyone visiting that site will be redirected to the hackers’ infection site, where the person’s computer will be injected and infected. The hackers are depending on site owners not knowing their sites have been hacked so that the number of hacked sites will grow (as they have starting in Italy) into the tens of thousands… Please don’t think you can depend solely on your antivirus software to protect your computer. It more than likely won’t help you. For $1000 dollars, the Russian hacking bulletin boards are offering Mpack with 1 year support and a GUARANTEE that virus programs will not catch the keyloggers. SO, keep your virus program updated, but don’t depend on it completely!”  – This is from a digitalpoint thread.
Solution
If you are facing this problem and your administrator says it is only your account, just change the FTP password and it will stop. Just changing the password is not a complete solution but is the first step.

What next? Your password is leaked, which means your computer is sending out the passwords, so I would suggest you do a clean format first and then install any antivirus or anti-spyware program which you think could block it. But the best solution is to clean format the computer.
Just do these two things:

1) Change the FTP or root password of server
2) Clean and format the PC
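
The check skipped above (was only the index file changed, or were files added and an iframe injected elsewhere?) can be scripted. This is an added example, not part of the original post: it assumes a downloaded copy of the live site sits next to the clean backup, and the function names, folder names and the host `www.shop.example` are made up for illustration.

```python
import tempfile
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse


class IframeFinder(HTMLParser):
    """Collect iframes that load from another host or are made invisible."""
    def __init__(self, own_host):
        super().__init__()
        self.own_host, self.findings = own_host, []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("src", "")).hostname
        external = host is not None and host != self.own_host
        style = a.get("style", "").replace(" ", "").lower()
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style)
        if external or hidden:
            self.findings.append((a.get("src", ""), external, hidden))


def audit(live_dir, backup_dir, own_host):
    """Compare a downloaded copy of the live site with the clean backup."""
    live, backup = Path(live_dir), Path(backup_dir)
    added, changed, iframes = [], [], {}
    for f in sorted(p for p in live.rglob("*") if p.is_file()):
        rel = f.relative_to(live).as_posix()
        if not (backup / rel).is_file():
            added.append(rel)      # uploaded by someone else, e.g. spam pages
        elif f.read_bytes() != (backup / rel).read_bytes():
            changed.append(rel)    # modified since the backup, e.g. defaced
        if f.suffix.lower() in (".html", ".htm", ".php"):
            finder = IframeFinder(own_host)
            finder.feed(f.read_text(errors="replace"))
            if finder.findings:
                iframes[rel] = finder.findings
    return added, changed, iframes


def demo():
    with tempfile.TemporaryDirectory() as tmp:   # constructed sample folders
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        (live / "blog").mkdir(parents=True)
        backup.mkdir()
        (backup / "index.html").write_text("<h1>Shop</h1>")
        (live / "index.html").write_text(
            '<h1>Shop</h1><iframe src="http://bad.example/x" width="1"></iframe>')
        (live / "blog" / "pills.html").write_text("<p>spam page</p>")
        return audit(live, backup, "www.shop.example")
```

Anything listed as added or changed that you did not upload yourself, and any iframe reported as external or hidden, is worth looking at before the backup is restored over it.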

Things to do

  • Always backup your files to local hard drive. (saves you a lot of pain)
  • Keep your antivirus up to date.
  • Use a password generator, change passwords often and don’t use the same password for all sites
  • Keep passwords secure

I use Roboform and Pareto antivirus to keep me up to date and I still got hacked! Got to step up my security.

Can you spot a fake email?

I get a lot of junk in my mailbox every day. Today the count was like 294. Most of them I know are junk from the subject line. The usual Viagra, Canadian pharmacy, you have won the euro lottery, my South American inheritance.

Once in a while I will get the Bank of America ones telling me to update my details blah.

The ones that stump me are the ones that sneak into my inbox somehow and where I have a legit account. They will have the same colour as the real company. The logo will be perfect. The format will be exactly like the ones you get in the mail. The link will even go to the fake site that looks like the real site.

I almost replied to one a few months ago. Something made me stop. I remembered vaguely reading the important information in the security section of the real site.

It went something like this

  • We will never send you an email asking for your personal information
  • We will never ask you for your log in information in an email
  • We will always address you with your full name (registered name) and nothing else

Ah ha! This email said “dear valued customer”! Can you reset your log in password as we have had some tech difficulties blah blah.

Don’t be fooled by the look and feel of these types of emails. As a rule, never give out personal information in email, especially log in passwords or bank account details.
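
The "hover over the link" check from the phishing steps earlier, and the point above that the link in a perfect-looking email still goes to the fake site, can be done by a script over the HTML of a message. This is an added example, not part of the original post; `mybank.example`, the sample message and the function names are constructed for illustration, and the visible-text comparison is a simple heuristic.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message body (not a real e-mail); mybank.example is made up.
SAMPLE = """<p>Dear valued customer, please reset your log in password.</p>
<a href="http://mybank.example.account-check.example/reset">https://www.mybank.example/reset</a>
<a href="https://www.mybank.example/security">Security centre</a>
<a href="http://203.0.113.7/login">Log in</a>"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every link in an HTML e-mail body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html_body, trusted_domain):
    """Return (href, reasons) for each link that does not go where it claims."""
    collector = LinkCollector()
    collector.feed(html_body)
    report = []
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if not host:
            continue                      # mailto:, anchors, relative links
        ours = host == trusted_domain or host.endswith("." + trusted_domain)
        reasons = []
        if not ours:
            reasons.append("target is not " + trusted_domain)
        if not ours and trusted_domain in host:
            reasons.append("trusted name used as a decoy label")
        shown = re.search(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", text.lower())
        if shown and not host.endswith(shown.group(1)):
            reasons.append("text shows " + shown.group(1))
        if reasons:
            report.append((href, reasons))
    return report
```

The first sample link is the case described above: the text on screen names the real site, but the host that actually receives the click only starts with the bank's name and ends in a different domain.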

Online theft costs $1 trillion a year, the number of attacks is rising sharply and too many people do not know how to protect themselves, say the experts.

  • Make your passwords really difficult
  • Don’t have the same password across the board
  • Change your passwords frequently
  • Have good security programs on the computer you use to log in to your bank account.

Changing your password frequently and finding a difficult password is tedious. I use Roboform to generate random passwords for me in a second.

Spam on the rise again…

If you think you’re getting a lot of spam these days, well, you are not alone. Microsoft has released a report that says 97% of mail that is being sent is unwanted spam like phishing attacks or viruses.
The good news: Spam filters are getting better than ever. Microsoft’s filter system for Exchange now scrubs out 39 out of every 40 emails sent. Spam also saw that slight decline thanks to the shutdown last year of the ISP McColo, a major haven for spammers who suddenly had to go shopping elsewhere.

What are we being spammed about? Pharmacy and other product ads make up the lion’s share of spam, accounting for 72.2 percent of all spam sent. Only 10% of that is for Viagra or Cialis. Image-only spam, dating come-ons, financial spam, and fraudulent diplomas round out the remainder of the most common spam subjects.
In the related world of malware infections, the Microsoft report noted that worldwide, 8.6 machines were suffering from malware for every 1,000 which were clean. That sounds pretty good, but it still translates to about 9 million computers worldwide suffering from malware attacks. What do you need to watch out for today, attack-wise? The most common attacks at the moment target Microsoft Office and PDF files, and those types of attacks are further on the rise.

Is your computer protected? The only way to stay ahead of these spammers is to keep all your software up to date and keep your antivirus up to date as well. If you don’t have one I encourage you to buy a real antivirus. I use Pareto Logic antivirus. One worry out of my way.

How secure is your password?

I know I have written about this topic many times before. A story I read today reminded me not to take this subject lightly.

I was just now reading a blogger’s post about “how he fell for a phishing attack and the response or no response from Google”.

Mark Gosh is a blogger and has a community in Orkut with a following of 25k. He fell for a phishing attack and his profile was taken over by the hackers. He also uses Gmail to store a lot of stuff. (Don’t ask me why people do this kind of silly stuff – really!) He had the same login password for both (Duh!)
He changed his log in password for both his accounts. But the hackers managed to play hell with his Orkut community. Here is why it was happening.
“The Orkut application stores cookies in such a way that if your cookie is ever recreated by someone else or transmitted to someone else, they can use that cookie to log in to Orkut as you. forever. No matter how you change your credentials, you have no recourse of regaining control. So if you ever get caught in a phishing scam that sends your password to someone else and they recreate your orkut_state cookie, they can login as you forever.”
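
A constructed model of the behaviour the quote describes, added here as an example and not Orkut's or Google's actual code: a cookie that depends only on the account keeps verifying after a password change, while one bound to a password version stops. `SERVER_KEY`, `pw_version` and all function names are hypothetical.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"      # assumption: secret known only to the site
USERS = {"mark": {"pw_version": 1}}       # constructed account record


def _sign(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_static(user):
    """Cookie derived from the user name alone, so it never expires."""
    return f"{user}|{_sign(user)}"


def check_static(cookie):
    user, _, sig = cookie.rpartition("|")
    return user in USERS and hmac.compare_digest(sig, _sign(user))


def issue_bound(user):
    """Cookie that also covers the password version in force at login."""
    payload = f"{user}|{USERS[user]['pw_version']}"
    return f"{payload}|{_sign(payload)}"


def check_bound(cookie):
    payload, _, sig = cookie.rpartition("|")
    user, _, version = payload.partition("|")
    return (user in USERS and hmac.compare_digest(sig, _sign(payload))
            and version == str(USERS[user]["pw_version"]))


def change_password(user):
    USERS[user]["pw_version"] += 1        # older bound cookies stop verifying


def replay_after_password_change():
    """A copied cookie is replayed after the owner changes the password."""
    copied_static, copied_bound = issue_static("mark"), issue_bound("mark")
    change_password("mark")
    return check_static(copied_static), check_bound(copied_bound)
```

`replay_after_password_change()` returns `(True, False)`: the static cookie is still accepted after the password change, the bound one is rejected.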

He states that in spite of ringing and emailing Orkut help and Google he got nowhere. Looks like Google does not want to know about him. What do you do? I personally feel he got himself into this mess.

The most important rule of online activity is not to have a common login password. That way you can cut your losses if something like this happens. Have long difficult passwords and keep changing them often. This can be a tedious job if you do it manually.

I use Roboform to generate random passwords for me in a second.
But it is also sad that big companies do not care about you when you get into a kind of soup. In the past I have had some troubles with Google and no they did not want to know about me.

Worm attack

“More than 3 million PCs affected by a worm”. This was the news headline a couple of days ago.

latest security updates is posing a growing threat to users.
The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008. Although Microsoft released a patch, it has gone on to infect 3.5m machines.
Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft’s MS08-067 patch.
Once the worm is up and running, it creates an HTTP server, resets a machine’s System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker’s web site.

Usually the hackers’ websites can be easily traced and shut down. Apparently this worm works in a different way.

Anti-virus firm F-Secure says that the worm uses a complicated algorithm to generate hundreds of different domain names every day. The domains look like those unpronounceable ones that you see in your spam box.

The way it spreads includes USB sticks, so if someone got an infection from one company and then takes his USB stick to another firm, it could infect that network too. It also downloads lots of content creating new variants through this mechanism.”

The message is clear. Use a good antivirus program. Never accept USB sticks from others. Especially people you do not know. I usually carry a couple in my bag always. The other trick I learnt is if you have to grab a file from another computer: create an email, attach the file and save it as a draft. Come home and download the file. Your antivirus will scan it and let you know if it is safe.
But the bottom line is to have a good antivirus program installed on your computer, like Pareto Logic’s Antivirus program, to catch all those nasty worms.

Online Crime

I read a news article today about how online crime will flourish in economic downturn.

The reason given is – crime tends to go up when unemployment rises. Makes a lot of sense to me. When people are desperate for some money they will try all means to get the money. People these days are computer literate.

Layoffs of many people familiar with net technology may tempt more into crime, simply because their chances of being caught are slim. Equally, the punishments for those that are caught are not harsh.
Those that do not turn to hi-tech crime would find an underground service economy that will sell them all the bits they need to get started as a net criminal.

Card Games
Online fraud will increase a lot in 2009 according to online security firms. Stealing credit card numbers is getting easier. It’s a lucrative area and it’s relatively easy to do.
Those unwilling to become spammers or phishers might well be tempted into low-grade fraud – especially if they have lost their job or are struggling to make ends meet.

Gambling tends to go up when economies are down. This might make people more willing to work alongside web criminals and act as money launderers or mules, online experts say.

On the whole, if you shop online or spend time browsing, chatting or anything else, make sure your computer is protected from viruses and trojans and all the other gazillion malicious programs on some of the sites you visit. Most of the time you will not even know your computer has been compromised till something serious happens, like you lose all your precious photos stored on your hard drive or you see some suspicious activity on your credit card.

Change your password regularly and make it a very difficult one. These things do matter. Every little bit helps. I run a business from home. I take computer security very seriously. I have many programs protecting my computer including firewalls etc..
I use

Roboform to create long hard passwords and keep it updated regularly to avoid passwords for important programs and online activities

I also use an antivirus program like Pareto Logic Antivirus Pro to keep off the nasties.

Don’t get caught with a virus or some password stealing trojan and regret later on.

Happy browsing.

Spam decreases – bounces back for Christmas

In the world of spam, what goes down must come up.
Spam actually went down after the shutting down of the webhost McColo. Some 450,000 infected computers have been spotted trying to connect to the largest of the networks McColo hosted. A news item in BBC website.
Apparently McColo served as host to a number of “command and control” centres for botnets, networks of infected computers called bots that send spam and engage in other malicious activities. As there is no centralized command the bot owners will be looking for new hosts.
FireEye security firm has found  450,000 infected computers from one botnet. This accounts for almost half the spam in the world!
Christmas time is an active time for spam. So to fill in the gap with low spam other hosts have increased their activity. So yes very soon they will reach the old levels again. All we can do is have good virus protection and anti spam programs to combat these viruses. Is your computer protected?
I use Pareto Logic anti spam and virus protection. I strongly encourage you to get your computer protected against these vicious programs.
Check out Pareto Logic anti virus program

Identity theft

I was talking to a friend of mine a couple of days ago. She has been running up high phone bills over the weekend. The reason – she entered the green card lottery online. Before she paid by credit card she checked out the website thoroughly and made sure it looked legit. The site was well designed, had a contact email, etc.
Her family and friends told her to beware of scam sites. So she went to the US govt website which warned her that there were many companies scamming people for the lottery. She had to run around ringing the Better Business Bureau and few others. As she still was not sure if the company was legit she cancelled her credit card. She also found out even if the card is cancelled it can be charged here in New Zealand. The banks do not protect you against this!

The point I am making is however careful you are sometimes slips happen. Some tips when dealing online.

  • Make sure the site you are making payment on looks legit.
  • Check that there are contact details like telephone, physical address etc.
  • At the bottom look for privacy policy, non disclosure etc.
  • Try to avoid suspicious looking sites
  • Avoid sites with popup windows popping constantly

Even then you can get scammed. The other scarier side is identity theft. Once they have your details they can assume your identity and rack up debt and your credit ratings can go down. It takes a long time to undo this.

Some tips to avoid online problems

  • Keep your passwords strong and long.
  • Don’t have one password for all your accounts
  • Change your password often. (keep a spreadsheet to avoid confusion)
  • Use a program like Roboform to do this.

Have a good antivirus program installed in your computer. Even then at times your hard drive can be compromised. I use antivirus plus by Pareto Logic and so far have not had a problem.
A good antivirus program should also detect viruses, spyware, adware, rootkits, ID-theft, keyloggers, Trojan horses and drive-by downloads. Sometimes without your knowing you can download malware from a site you visit. A program like antivirus plus will stop that from happening. I will post more about identity theft in the next couple of days.
